OKX users who were recently affected by a hack received full compensation from OKX.
The exchange decides to add a mandatory Google Authenticator to avoid similar incidents.
SlowMist reported earlier that the accounts were compromised by a SIM-swapping attack.
The two OKX users who were recently hacked received their full compensation from OKX. . Chinese crypto journalist Colin Wu had a report on two user accounts that were hacked through SMS and email hijacking.
Exclusive: Two users whose OKX accounts were stolen have received full compensation from OKX. The suspected cause was the hijacking of their SMS and email. OKX has decided to add mandatory Google Authenticator in the future to avoid similar incidents from happening again. https://t.co/MmRSLXohBt
â Wu Blockchain (@WuBlockchain) June 12, 2024
On June 9, 2024, Blockchain security firm SlowMist founder Yu Xian reported a major exploit in the OKX ecosystem, resulting in the loss of funds for two OKX users. The usersâ accounts were reportedly compromised in a SIM-swapping attack due to a vulnerability in the platformâs Two-Factor authentication (2FA) security system.
䞀äžȘäžćçććźłè ïŒä»ć€©ćæšééçäș€ææ莊ć·èą«çćžäș件çææłćäžäșçčćŸć± ç¶æŻçžäŒŒçïŒé€äș @AsAnEgg æć°çć ±æ§ïŒèżć æŹç俥éŁé©éç„æ„èȘâéŠæžŻâèżäžȘçčćŸăćć»șäșæ°ç API KeyïŒææç°ăäș€ææéïŒèżäčæŻäžșä»äčäčćæçæćŻčæČæćŸïŒçźćçæ„ćŻä»„æé€äșïŒă⊠https://t.co/pqIjqLhmkB
â Cos(äœćŒŠ)đ¶âđ«ïž (@evilcos) June 9, 2024
Xian elaborated on the hackersâ potential strategies and the critical details identified by the tracker, he stated,
âThe SMS risk notification came from âHong Kongâ and a new API Key was createdâŠThe premeditated gang committed the crime in a concentrated manner.â
Security analytics platform Dilation Effect further investigated the matter and identified a vulnerability in OKXâs authentication system, finding that OKX allows for lower security verification methods during sensitive operations.
In response to the hack, OKX initiated a probe and contacted the affected users, promising compensation if OKX was found responsible for the losses. The platform stated:
âWe attach great importance to the âexchange user assets stolenâ situation reported online todayâŠIf it is finally determined that the platform is responsible, the platform will take the initiative to bear it. In addition, we will announce the results as soon as the relevant investigation is completed.
As per Colin Wuâs post, OKX has fulfilled its promise. Additionally, the platform has decided to implement mandatory Google Authenticator to prevent any such mishaps in the future.
The post OKX Hacked: Victims Reimbursed, 2FA Security Beefed Up appeared first on Coin Edition.